Overview
- Microsoft patched CVE-2025-62221, a use-after-free in the Windows Cloud Files Mini Filter Driver that is being exploited to gain SYSTEM privileges and appears to impact all supported Windows versions, according to Trend Micro’s ZDI.
- Two publicly disclosed zero-days were addressed without evidence of active exploitation: CVE-2025-64671 in GitHub Copilot for JetBrains, which enables command execution via cross-prompt injection, and CVE-2025-54100 in PowerShell, which affects how web content is processed.
- CISA added CVE-2025-62221 to its Known Exploited Vulnerabilities catalog and required Federal Civilian Executive Branch agencies to remediate by December 30, 2025.
- Three remote code execution flaws rated critical were fixed in Office and Outlook, with two Office bugs (CVE-2025-62554 and CVE-2025-62557) exploitable via the Preview Pane.
- Vendor analyses highlight elevation of privilege (28) and remote code execution (19) as the leading risk categories in this release, with Microsoft logging roughly 1,139 CVEs patched across 2025.